{"id":"https://openalex.org/W3188555407","doi":"https://doi.org/10.1145/3460120.3484779","title":"One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization","display_name":"One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization","publication_year":2021,"publication_date":"2021-11-12","ids":{"openalex":"https://openalex.org/W3188555407","doi":"https://doi.org/10.1145/3460120.3484779","mag":"3188555407"},"language":"en","primary_location":{"id":"doi:10.1145/3460120.3484779","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3460120.3484779","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2108.04575","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5034542496","display_name":"Robert Buhren","orcid":null},"institutions":[{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Robert Buhren","raw_affiliation_strings":["Technische Universit\u00e4t Berlin - SECT, Berlin, Germany","Technical University of Berlin"],"affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Berlin - SECT, Berlin, Germany","institution_ids":["https://openalex.org/I4577782"]},{"raw_affiliation_string":"Technical University of Berlin","institution_ids":["https://openalex.org/I4577782"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022858680","display_name":"Hans Niklas Jacob","orcid":"https://orcid.org/0000-0003-1090-7063"},"institutions":[{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Hans-Niklas Jacob","raw_affiliation_strings":["Technische Universit\u00e4t Berlin - SECT, Berlin, Germany","Technical University of Berlin"],"affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Berlin - SECT, Berlin, Germany","institution_ids":["https://openalex.org/I4577782"]},{"raw_affiliation_string":"Technical University of Berlin","institution_ids":["https://openalex.org/I4577782"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015270861","display_name":"Thilo Krachenfels","orcid":"https://orcid.org/0000-0002-8569-2020"},"institutions":[{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Thilo Krachenfels","raw_affiliation_strings":["Technische Universit\u00e4t Berlin - SECT, Berlin, Germany","Technical University of Berlin"],"affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Berlin - SECT, Berlin, Germany","institution_ids":["https://openalex.org/I4577782"]},{"raw_affiliation_string":"Technical University of Berlin","institution_ids":["https://openalex.org/I4577782"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5001159554","display_name":"Jean\u2010Pierre Seifert","orcid":"https://orcid.org/0000-0002-5372-4825"},"institutions":[{"id":"https://openalex.org/I4210133470","display_name":"Fraunhofer Institute for Secure Information Technology","ror":"https://ror.org/03qt2gs44","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210133470","https://openalex.org/I4923324"]},{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jean-Pierre Seifert","raw_affiliation_strings":["Technische Universit\u00e4t Berlin - SECT &amp; Fraunhofer SIT, Berlin, Germany","Technical University of Berlin"],"affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Berlin - SECT &amp; Fraunhofer SIT, Berlin, Germany","institution_ids":["https://openalex.org/I4210133470","https://openalex.org/I4577782"]},{"raw_affiliation_string":"Technical University of Berlin","institution_ids":["https://openalex.org/I4577782"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5034542496"],"corresponding_institution_ids":["https://openalex.org/I4577782"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.1064763,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"2875","last_page":"2889"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9944999814033508,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9864000082015991,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7633061408996582},{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.7141995429992676},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.6192722916603088},{"id":"https://openalex.org/keywords/rootkit","display_name":"Rootkit","score":0.5754573345184326},{"id":"https://openalex.org/keywords/virtualization","display_name":"Virtualization","score":0.511237621307373},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5101202130317688},{"id":"https://openalex.org/keywords/virtual-machine","display_name":"Virtual machine","score":0.46592116355895996},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.4647563695907593},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4557175636291504},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.43106138706207275},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.3894159197807312}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7633061408996582},{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.7141995429992676},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.6192722916603088},{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.5754573345184326},{"id":"https://openalex.org/C513985346","wikidata":"https://www.wikidata.org/wiki/Q270471","display_name":"Virtualization","level":3,"score":0.511237621307373},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5101202130317688},{"id":"https://openalex.org/C25344961","wikidata":"https://www.wikidata.org/wiki/Q192726","display_name":"Virtual machine","level":2,"score":0.46592116355895996},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.4647563695907593},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4557175636291504},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.43106138706207275},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.3894159197807312}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.1145/3460120.3484779","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3460120.3484779","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2108.04575","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2108.04575","pdf_url":"https://arxiv.org/pdf/2108.04575","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"mag:3188555407","is_oa":true,"landing_page_url":"https://arxiv.org/pdf/2108.04575.pdf","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"pmh:oai:fraunhofer.de:N-643550","is_oa":false,"landing_page_url":"http://publica.fraunhofer.de/documents/N-643550.html","pdf_url":null,"source":{"id":"https://openalex.org/S4306400801","display_name":"Publikationsdatenbank der Fraunhofer-Gesellschaft (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Fraunhofer SIT","raw_type":"Conference Paper"},{"id":"pmh:oai:publica.fraunhofer.de:publica/413120","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/413120","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference paper"},{"id":"doi:10.48550/arxiv.2108.04575","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2108.04575","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2108.04575","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2108.04575","pdf_url":"https://arxiv.org/pdf/2108.04575","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.4699999988079071}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3188555407.pdf","grobid_xml":"https://content.openalex.org/works/W3188555407.grobid-xml"},"referenced_works_count":26,"referenced_works":["https://openalex.org/W1948575246","https://openalex.org/W1971466344","https://openalex.org/W2111725598","https://openalex.org/W2247093607","https://openalex.org/W2559981079","https://openalex.org/W2560082747","https://openalex.org/W2775584553","https://openalex.org/W2790592307","https://openalex.org/W2795160257","https://openalex.org/W2907416151","https://openalex.org/W2920929786","https://openalex.org/W2959284240","https://openalex.org/W2962754566","https://openalex.org/W3020133545","https://openalex.org/W3023959029","https://openalex.org/W3033754679","https://openalex.org/W3088385171","https://openalex.org/W3101233422","https://openalex.org/W3103974952","https://openalex.org/W3136349221","https://openalex.org/W3153646319","https://openalex.org/W3161212018","https://openalex.org/W3173474283","https://openalex.org/W3177645431","https://openalex.org/W3180349812","https://openalex.org/W4288086179"],"related_works":["https://openalex.org/W3212271742","https://openalex.org/W2971247463","https://openalex.org/W2795294395","https://openalex.org/W2996220252","https://openalex.org/W2949808477","https://openalex.org/W3103974952","https://openalex.org/W58308990","https://openalex.org/W2165927985","https://openalex.org/W3091936459","https://openalex.org/W3113229168","https://openalex.org/W1903836093","https://openalex.org/W3100317779","https://openalex.org/W2462153085","https://openalex.org/W2036601091","https://openalex.org/W2900998043","https://openalex.org/W2466602928","https://openalex.org/W82449594","https://openalex.org/W2072031510","https://openalex.org/W2552114886","https://openalex.org/W2348002376"],"abstract_inverted_index":{"AMD":[0,34],"Secure":[1,35,161],"Encrypted":[2],"Virtualization":[3],"(SEV)":[4],"offers":[5],"protection":[6],"mechanisms":[7],"for":[8,137,179,197],"virtual":[9,47],"machines":[10,48],"in":[11,213],"untrusted":[12],"environments":[13,215],"through":[14],"memory":[15],"and":[16,85],"register":[17],"encryption.":[18],"To":[19],"separate":[20],"security-sensitive":[21],"operations":[22],"from":[23,216],"software":[24],"executing":[25],"on":[26,68,78,99,182,223],"the":[27,33,52,69,79,100,145,151,168,172,183,187],"main":[28],"x86":[29],"cores,":[30],"SEV":[31,76,97,160,207],"leverages":[32],"Processor":[36],"(AMD-SP).":[37],"This":[38],"paper":[39],"introduces":[40],"a":[41,56,95,108,134],"new":[42],"approach":[43],"to":[44,64,93,106,126,131,144,171,185,193],"attack":[45,59],"SEV-protected":[46],"(VMs)":[49],"by":[50],"targeting":[51],"AMD-SP.":[53],"We":[54],"present":[55],"voltage":[57],"glitching":[58],"that":[60,74,206],"allows":[61,124],"an":[62,104],"attacker":[63],"execute":[65],"custom":[66,96],"payloads":[67],"AMD-SPs":[70],"of":[71,120,175],"all":[72],"microarchitectures":[73],"support":[75],"currently":[77,224],"market":[80],"(Zen":[81],"1,":[82],"Zen":[83,86],"2,":[84],"3).":[87],"The":[88,165],"presented":[89],"methods":[90],"allow":[91],"us":[92,125],"deploy":[94],"firmware":[98,173,199],"AMD-SP,":[101],"which":[102,123],"enables":[103],"adversary":[105],"decrypt":[107],"VM's":[109],"memory.":[110],"Furthermore,":[111],"using":[112],"our":[113,202],"approach,":[114],"we":[115,149,190,204],"can":[116],"extract":[117,186],"endorsement":[118,169,188],"keys":[119,170],"SEV-enabled":[121],"CPUs,":[122],"fake":[127],"attestation":[128],"reports":[129],"or":[130],"pose":[132],"as":[133,220],"valid":[135,195],"target":[136,146],"VM":[138],"migration":[139],"without":[140],"requiring":[141],"physical":[142],"access":[143],"host.":[147],"Moreover,":[148],"reverse-engineered":[150],"Versioned":[152],"Chip":[153],"Endorsement":[154],"Key":[155],"(VCEK)":[156],"mechanism":[157],"introduced":[158],"with":[159],"Nested":[162],"Paging":[163],"(SEV-SNP).":[164],"VCEK":[166],"binds":[167],"version":[174],"TCB":[176],"components":[177],"relevant":[178],"SEV.":[180],"Building":[181],"ability":[184],"keys,":[189],"show":[191],"how":[192],"derive":[194],"VCEKs":[196],"arbitrary":[198],"versions.":[200],"With":[201],"findings,":[203],"prove":[205],"cannot":[208],"adequately":[209],"protect":[210],"confidential":[211],"data":[212],"cloud":[214],"insider":[217],"attackers,":[218],"such":[219],"rogue":[221],"administrators,":[222],"available":[225],"CPUs.":[226]},"counts_by_year":[],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}